1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 5438-1] asterisk security update

    From Markus Koschany@21:1/5 to All on Fri Jun 23 00:10:01 2023
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5438-1 security@debian.org https://www.debian.org/security/ Markus Koschany
    June 22, 2023 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : asterisk
    CVE ID : CVE-2023-27585
    Debian Bug : 1036697

    A flaw was found in Asterisk, an Open Source Private Branch Exchange. A
    buffer overflow vulnerability affects users that use PJSIP DNS resolver.
    This vulnerability is related to CVE-2022-24793. The difference is that
    this issue is in parsing the query record `parse_query()`, while the issue
    in CVE-2022-24793 is in `parse_rr()`. A workaround is to disable DNS
    resolution in PJSIP config (by setting `nameserver_count` to zero) or use
    an external resolver implementation instead.

    For the oldstable distribution (bullseye), this problem has been fixed
    in version 1:16.28.0~dfsg-0+deb11u3.

    We recommend that you upgrade your asterisk packages.

    For the detailed security status of asterisk please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/asterisk

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmSUwnRfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeRsCxAAuFfItEe6Gyu5VcJqSzHQpy+kfbBD1F6msFf7GnNzx4WiJssF5b4eVC4h Im6N4tW6S3YfoymUC4chFy9ifeH10HMruAlWik+h4v/TLEaeBps4UF6JmUkF8ra4 ML3NT+vkdaLlFF7jtcDyTZXc0Vhy2wQ51EABX8bd7vUp39UObhZZw6+wJjrT6tCc P7wwMEOkoUCrg3llX/yvtpHqJiYo6yLrtEaoPpLvl2up6cx9FRvuK7E1B2hhPu0H oULxjphtz3Xmccw5kViC7zIo588GXCqIQW0/t6Uh0pYT1aWpWAfViMlpOtZx+Pff pvFJy8Vizyp3MQ3yVZSOMrz68uOenXUkh9BbrdMw8AHbZgk/j8mKFbQhGJNfB209 8BcmibGF3fPr0g6Ux6dGXlWUF1fMeuChmo5dylZhxmI4/M6wd5sqpHv4+RiEOM4X lROdlRQVToHIBGbwGvFAD7hiv6/wjmOXuY1NafqzCTyX1awMgKcQPqjPrUo1ugWy IQayIG2RhSKC/x8fUn1fr5+kA/KjvjH7pLtlvr2MWhOWV5ryUtuXdqGp5YWGZV5D 2gA2sGeeGJgmAZfnzW6iY7/EZcLTnF1uWHGEk5cN/FQIObpqTqmSU2KOYWWmUOOV LAbko9P1aLCUNjj1WOzOMy29nbGBINnQquyW2DkhoaTYW6jjmPc=
    =SDbp
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)